skills/akillness/jeo-skills/codeflow/Gen Agent Trust Hub

codeflow

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the CodeFlow tool from its official public GitHub repository (https://github.com/braedonsaunders/codeflow.git) during the installation process. This is a documented and necessary step for the tool's self-hosting functionality.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute an installation script (scripts/install.sh) which performs repository management using git and launches the application using system openers like open or xdg-open.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external repositories and local file systems.
  • Ingestion points: Untrusted data enters the context when the agent reads files, markdown documents, and pull request information from codebases.
  • Boundary markers: There are no specific delimiters or instructions provided to the agent to distinguish between its instructions and the data being analyzed.
  • Capability inventory: The skill allows the use of powerful tools such as Bash, Write, Edit, and Grep, which could be exploited if the agent follows instructions hidden within a processed codebase.
  • Sanitization: No validation or sanitization of the analyzed content is performed prior to the agent's interaction with it.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 04:58 AM
Security Audit — agent-trust-hub — codeflow